Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B66965AACD3411EF9B81D373762E951A.roa
File:                     B66965AACD3411EF9B81D373762E951A.roa (raw, json)
Hash identifier:          qcDjDULmWuVXoHbij0oXH1ZECP5l+uHmPNFxNAUtcRY=
Subject key identifier:   A2:5B:DA:5A:E3:E8:F9:F7:11:82:0E:D8:DB:24:07:60:CC:A3:17:46
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       FE0F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B66965AACD3411EF9B81D373762E951A.roa
Signing time:             Tue 07 Jan 2025 20:19:35 +0000
ROA not before:           Tue 07 Jan 2025 20:19:32 +0000
ROA not after:            Mon 13 Dec 2027 20:19:32 +0000
asID:                     17561
IP address blocks:        156.243.48.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Fri 07 Feb 2025 00:26:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65039 (0xfe0f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR
        Validity
            Not Before: Jan  7 20:19:32 2025 GMT
            Not After : Dec 13 20:19:32 2027 GMT
        Subject: CN=677d8c57-65bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1c:da:b4:f6:05:e3:2c:40:8b:70:96:7c:f9:
                    73:a2:14:9f:2a:a1:e5:43:e7:18:f7:85:26:28:ce:
                    0e:20:5e:99:b7:91:2c:4a:74:9b:51:3b:8d:f4:34:
                    3f:1c:6c:6f:42:5a:8f:f9:f5:46:e6:f9:42:a0:0c:
                    70:c8:d0:ab:ba:39:f3:b5:30:54:e3:ce:17:9d:34:
                    a1:65:81:1c:d8:29:11:84:d4:92:5f:23:b5:d5:25:
                    28:f1:d3:50:ec:44:7a:dd:07:72:72:1a:21:8a:11:
                    5a:1d:5c:70:af:f8:f2:c8:ee:cf:51:a2:06:f1:82:
                    f1:f9:c6:ba:fa:d6:4e:e2:c4:d3:bb:59:ef:2b:87:
                    76:7e:57:9d:09:77:eb:bd:1a:f2:ea:50:a4:d2:ce:
                    4e:93:13:67:f1:f0:8d:b2:43:e1:a3:bc:ff:77:82:
                    69:25:58:72:7d:a4:d0:ba:70:29:a8:f5:7e:c8:d7:
                    8d:cb:93:4e:8e:9a:83:93:b2:62:7e:65:ec:c1:30:
                    21:81:e4:31:22:72:09:9a:df:ac:a9:09:05:ac:75:
                    a7:7f:29:d6:15:25:1c:f0:5d:93:5e:fc:97:0e:09:
                    d7:d4:61:fb:8c:6f:f0:91:f9:06:df:7e:08:4b:82:
                    4a:71:83:00:bb:31:78:f9:4b:ae:79:c2:81:22:7f:
                    e7:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:5B:DA:5A:E3:E8:F9:F7:11:82:0E:D8:DB:24:07:60:CC:A3:17:46
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B66965AACD3411EF9B81D373762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.243.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:12:a6:04:8b:ab:86:7e:67:a1:f5:7a:f2:7f:3a:2e:98:26:
         c3:30:85:63:ac:31:46:f2:cc:0f:10:6b:34:6b:ce:65:dd:97:
         ce:32:95:5d:96:e1:e6:99:42:4b:f2:52:5c:47:25:bb:6d:c6:
         e5:06:8b:21:5a:26:a5:74:ec:33:ee:83:ef:95:d1:1c:06:f9:
         fb:85:d3:56:c5:13:0c:2d:66:18:0e:b7:69:d1:7c:21:e3:e9:
         03:36:7a:b4:fd:d9:da:fb:f2:31:13:af:f6:5b:5d:15:f7:be:
         61:f8:0a:eb:43:76:70:a5:78:90:b5:09:27:75:e8:66:8c:ca:
         b1:cf:f9:c5:8d:42:4e:06:55:a6:c7:70:a0:3f:6b:f5:a1:c6:
         52:97:96:9e:96:98:82:d2:f9:ce:17:33:72:43:b5:a8:de:f4:
         f5:b5:0b:3f:b8:f8:7c:e0:de:7d:2a:cc:49:52:62:9e:d0:53:
         61:ca:80:80:5a:40:c8:56:42:80:2b:f4:1d:39:cc:96:57:8a:
         a3:75:44:20:8a:37:5d:62:83:fa:be:1d:33:a3:a2:e1:24:81:
         70:3e:b2:15:4b:e5:4c:45:3e:b3:b4:31:60:94:81:ab:45:c5:
         84:78:ee:15:19:f5:5e:2b:f3:81:e2:2a:e5:36:2d:8e:c8:6c:
         fa:e3:27:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjAxOTMyWhcNMjcxMjEzMjAxOTMyWjAYMRYw
FAYDVQQDEw02NzdkOGM1Ny02NWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvxzatPYF4yxAi3CWfPlzohSfKqHlQ+cY94UmKM4OIF6Zt5EsSnSbUTuN
9DQ/HGxvQlqP+fVG5vlCoAxwyNCrujnztTBU484XnTShZYEc2CkRhNSSXyO11SUo
8dNQ7ER63QdychohihFaHVxwr/jyyO7PUaIG8YLx+ca6+tZO4sTTu1nvK4d2fled
CXfrvRry6lCk0s5OkxNn8fCNskPho7z/d4JpJVhyfaTQunApqPV+yNeNy5NOjpqD
k7JifmXswTAhgeQxInIJmt+sqQkFrHWnfynWFSUc8F2TXvyXDgnX1GH7jG/wkfkG
334IS4JKcYMAuzF4+UuuecKBIn/nVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKJb
2lrj6Pn3EYIO2NskB2DMoxdGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjY5NjVBQUNEMzQxMUVGOUI4MUQzNzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPMwMA0GCSqGSIb3DQEBCwUA
A4IBAQB4EqYEi6uGfmeh9XryfzoumCbDMIVjrDFG8swPEGs0a85l3ZfOMpVdluHm
mUJL8lJcRyW7bcblBoshWialdOwz7oPvldEcBvn7hdNWxRMMLWYYDrdp0Xwh4+kD
Nnq0/dna+/IxE6/2W10V975h+ArrQ3ZwpXiQtQkndehmjMqxz/nFjUJOBlWmx3Cg
P2v1ocZSl5aelpiC0vnOFzNyQ7Wo3vT1tQs/uPh84N59KsxJUmKe0FNhyoCAWkDI
VkKAK/QdOcyWV4qjdUQgijddYoP6vh0zo6LhJIFwPrIVS+VMRT6ztDFglIGrRcWE
eO4VGfVeK/OB4irlNi2OyGz64ycW
-----END CERTIFICATE-----